Make it easier to debug SAML errors

[Nikschavan]

Recently I had to debug SSO errors where users were seeing 500 errors because of some infra configuration errors, but debugging this was very difficult as I had to figure out and spend some time to get some logging setup.

The way I did was to add logging into X-ray with more details for the error from $saml->getLastErrorReason() and $saml->getLastErrorException()

wp-simple-saml/inc/namespace.php

Lines 315 to 337 in 236a41b

	function get_sso_user() {
	$saml = instance();
	try {
	$saml->processResponse();
	} catch ( \Exception $e ) {
	/* translators: %s = error message */
	return new \WP_Error( 'invalid-saml', sprintf( esc_html__( 'Error: Could not parse the authentication response, please forward this error to your administrator: "%s"', 'wp-simple-saml' ), esc_html( $e->getMessage() ) ) );
	}
	if ( ! empty( $saml->getErrors() ) ) {
	$errors = implode( ', ', $saml->getErrors() );
	/* translators: %s = error message */
	return new \WP_Error( 'invalid-saml', sprintf( esc_html__( 'Error: Could not parse the authentication response, please forward this error to your administrator: "%s"', 'wp-simple-saml' ), esc_html( $errors ) ) );
	}
	if ( ! $saml->isAuthenticated() ) {
	return new \WP_Error( 'not-authenticated', esc_html__( 'Error: Authentication wasn\'t completed successfully.', 'wp-simple-saml' ) );
	}
	return get_or_create_wp_user( $saml );
	}

I am thinking about how we can make it easier to debug this, One of the simplest solutions I am thinking of is to also trigger WordPress actions with related information and let the application code handle different logging?